<?php

class Admin
{

	function validate_admin_session($id)
	{
		$conn = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die('An error has occured: Could not connect to the MySQL database.');
		mysql_select_db(DB_NAME) or die("An error has occured:  Could not connect to the table.");
		
		$sql = "select * from wms_admin where admin_id = %s;";	
		$sql = sprintf($sql, mysql_real_escape_string($id));
			
		$result = mysql_query($sql);
	
		if(!$result) die("An error has occured: " . mysql_error());
		$row = mysql_fetch_assoc($result);
		
		mysql_close($conn);	
		return $row;
	}
	
	function admin_login($user, $pass)
	{
		$conn = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die('An error has occured: Could not connect to the MySQL database.');
		mysql_select_db(DB_NAME) or die("An error has occured:  Could not connect to the table.");
		
		$sql = "select * from wms_admin where username = '%s' and passwd = '%s'";	
		$sql = sprintf($sql
			,mysql_real_escape_string($user)
			,mysql_real_escape_string(hash(algor, $pass)));
			
		$result = mysql_query($sql);
	
		if(!$result) die("An error has occured: " . mysql_error());
		$row = mysql_fetch_assoc($result);
		
		mysql_close($conn);
		return $row;
	}
	
	function update_lastvisit($id)
	{
		$conn = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die('An error has occured: Could not connect to the MySQL database.');
		mysql_select_db(DB_NAME) or die("An error has occured:  Could not connect to the table.");
		
		$sql = "update wms_admin set lastvisit = '%s' where admin_id = %s;";	
		$sql = sprintf($sql
			,mysql_real_escape_string(date('Y-m-d H:i:s'))
			,mysql_real_escape_string($id));
			
		$result = mysql_query($sql);
		if(!$result) die("An error has occured: " . mysql_error());
		
		mysql_close($conn);	
	}
	
}

?>